openssh conversation failure issue on HPUX

Leo Liou leo.liou at
Tue Jul 14 06:11:46 EST 2009

Openssh 5.0p1 on HPUX 11.23.

Here is the message:
Jun 15 13:21:28 a300sua0 sshd[10798]: pam_setcred: error Permission


We track the issue to sshpam_cleanup() which resets the conversation
function pointer to sshpam_null_conv() before calling pam_setcred with
PAM_DELETE_CRED.  sshpam_null_conv() always just returns PAM_CONV_ERR.
It seems HPUX PAM module then decided to call the conversation function
(not sure why), and gets this error.

Is it possible/advisable to (maybe use #ifdef) move the pam_set_item
call to after the pam_setcred block?

Leo Liou
Not a shred of evidence exists in favor of the notion that life is
serious ...

More information about the openssh-unix-dev mailing list